CVE-2018-15473 - SSH user enumeration


It seems to me that is not been reported here yet. There is a new vulnerability to OpenSSH (user enumeration) that also affects Dropbear. CVE-2018-15473

If you have Docker, you can easily build the POC and test it by yourself with these 2 commands:

$ docker build -t cve-2018-15473
$ docker run --network host --rm cve-2018-15473 --port 22 --username root openwrt.lan



Nevermind i think i found it. Different CVE number

For the vast majority of OpenWrt users, this isn't a security risk, as OpenWrt is a single user OS, meaning root is the only account majority of users utilize for SSH.

  • While additional users can be configured for SSH, there's only a handful of usage cases since OpenWrt is a single user OS.

Fixed in master:;a=commit;h=2211ee0037764e1c6b1576fe7a0975722cd4acdc

Fixed in 18.06:;a=commit;h=8bb9d053eb17c98659f5fb04d7a7c3bafdf42e9c

Fixed in 17.01:;a=commit;h=bb7c4cff2086fffddf5cb20e40cfe4979ba1a7e6